Key issues can make or break an organization's strategic cloud adoption. The intersection of cloud computing with business strategy, Big Data, vendor lock-in, globalization, collaboration, security, licensing, virtualization, confidence, and the ‘new normal' can act as huge points of concern. So I put down some thoughts on this, and ended up - in no particular order - with the following 11 tips for the successful adoption of cloud computing:

1. The ‘new normal' makes cloud mandatory, not optional - the growing gap between flat (or down) IT budgets and the increasing business demand for innovation, new services, and growth is not sustainable. Any CIO who does nothing about this gap will be out of work - because they failed to deliver to business need, or because the business simply did it themselves. Cloud fills the gap by using time, money, and resources far more efficiently than legacy IT can, so IT can deliver business needs despite the ‘new normal'.

2. Business and IT need to get together to approach cloud strategically - this is not the time to stick your finger in the air and go whichever way the wind is blowing, or choose a cloud service just because a vocal staff member has tried it and likes it. You may get away with guesswork for dev/test, or for applications that don't really matter, but not for mission-critical business services. Take a strategic view, focus on business goals, make intentional decisions on which clouds you will use, where, when, and why.

3. Budget reduction is not the best reason to use cloud - indeed, it may not even be a good reason. Various studies have shown that cloud does not always reduce overall IT costs, and in many or even most cases it actually costs more over the long term. However, cloud makes it possible to pursue a vast range of new revenue-generating activities, plus it makes businesses faster and more agile in responding to market demands, competitive pressures, and new business opportunities. This is why most CIOs say they are investing in cloud for mobility, agility, and flexibility more than for simple cost reduction.

4. Cloud is not an outcome, it is an enabler - it lets you capitalize on new business opportunities like rapid innovation, social media, workforce mobility, BYOD, new market penetration, and more by providing essential technology features that underpin these efforts - like agility, scalability, geographic mobility, accessibility, availability and cost efficiency. But cloud doesn't make these opportunities happen by itself. Cloud is not a silver bullet - it still takes work to deliver business outcomes, and without the right roadmap for business service innovation, cloud is just another technology for IT to toy with (and for business to pay for).

5. Cloud is not a monolith - there is a wide range of cloud services, a veritable ‘cloud of clouds' available to fill business needs, delivered by multiple service providers (and your own IT department), and you do not need to just choose one. You may use SaaS applications like Salesforce.com or Intuit; infrastructure from Amazon or Rackspace; and cloud platforms from Microsoft or Google or VMware. You may build your own cloud using Citrix, VMware, Oracle, and more. You may even subscribe to a ‘community cloud' that is shared just by your peers. Most importantly, based on most current data on cloud adoption, you will probably do all of the above. Be prepared to adopt, manage, and secure this ‘cloud of clouds' - a ‘one-cloud' policy will never be realistic.

6. Cloud will not replace traditional IT - at least not for mid to large enterprises with a legacy investment - nor should it. The key will be choosing the right cloud(s) for each business need, and ensuring smooth integration with other cloud services and existing technology investments. In most cases integrating cloud with existing business assets provides better return on investment than a new cloud silo, and opens up more opportunities for leverage.

7. The idea that cloud is not secure is a myth - but like many great myths, there is a grain of truth behind it. Cloud can absolutely be as secure as an in-house data center, and in many cases it can be *more* secure. But this does not happen by accident, and does not happen just because you trust a third-party vendor to be ‘safe.' You need to work at it, and provide your own security layer on top of any cloud application. If you don't - and if you simply trust your provider to do it for you - don't be surprised when your company is the newest target of hacking attacks, data leaks, or identity loss.

8. The business service is still your responsibility - regardless of how you source a cloud computing service - from the in-house IT department, from a niche cloud provider, or from one of the big players. In all cases, you still need to maintain accountability for the full user experience. Cloud providers don't know your business, don't prioritize your applications, and are not the face of your business to the customer - they are commodity merchants. The quality of experience - and the interface to your customer - is still up to you.

9. SLAs are no substitute for preparation and contingency - in fact, many (most?) public cloud SLAs are toothless. Providers rarely volunteer to admit their breaches, and even when they do there is little to no recourse or restitution. While some exceptional cloud providers do provide solid SLAs, do not assume your provider will handle problems for you. Have your own a backup and recovery plan, monitor your own service performance, actively ensure your own data and identity protection. Most commodity cloud providers don't do this for you, at any price.

10. Be careful of cloud vendor lock-in - because while part of the beauty of cloud is new-found mobility and agility, if you get locked into a proprietary platform you will forgo a lot of that business benefit. Look for cloud options that allow you to get in and out relatively easily - or find management capabilities that make the underlying infrastructure irrelevant, by allowing you to focus on business services instead, regardless of where they are hosted.

11. Cloud does not mean we should forget all we knew - because even with cloud computing - or perhaps especially - IT still needs to apply many tried-and-true disciplines, like financial management, asset management, security and compliance, problem management, and more. You still need to deal with skills and resourcing. You still need to care about service levels, response times, and availability. The IT industry has grown into a lot of solid discipline for very good reasons. Cloud offers a ‘fresh start' to overcome a lot of IT problems, but it doesn't mean everything we knew is suddenly wrong.

—

So what do you reckon? Are these tips useful for you? What tips did I miss? I would love to see your comments either below or on Twitter.

Andi Mann is vice president of Strategic Solutions at CA Technologies. With more than 20 years’ experience across four continents, he has deep expertise of enterprise software on cloud, mainframe, midrange, server and desktop systems. He has worked within IT departments for governments and corporations, from small businesses to global multi-nationals; with several large enterprise software vendors; and as a leading industry analyst advising enterprises, governments, and IT vendors – from startups to the worlds’ largest companies. Andi is a co-author of the popular handbook, ‘Visible Ops – Private Cloud’; he blogs at ‘Andi Mann – Übergeek’ (http://pleasediscuss.com/andimann), and tweets as @AndiMann.

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.